Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/89abb8-636d-4084-81a0-c63adb6ee5d9/1/_03eplVNeY1eJhflia8sVCZw6wk.roa
File: _03eplVNeY1eJhflia8sVCZw6wk.roa (raw, json)
Hash identifier: d5EP4PhY87T7S3NqmdOnwCnVI2ngVzzYdHvsKUFvlH4=
Subject key identifier: FF:4D:DE:A6:55:4D:79:8D:5E:26:17:E5:89:AF:2C:54:26:70:EB:09
Certificate issuer: /CN=9bea3a3a4a3606c7396f15f501ac5c641785750c
Certificate serial: 018F2C9D129FD2B9167BF0A4FEEBD9C46E4A
Authority key identifier: 9B:EA:3A:3A:4A:36:06:C7:39:6F:15:F5:01:AC:5C:64:17:85:75:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m-o6Oko2Bsc5bxX1AaxcZBeFdQw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/89abb8-636d-4084-81a0-c63adb6ee5d9/1/_03eplVNeY1eJhflia8sVCZw6wk.roa
Signing time: Tue 30 Apr 2024 01:27:22 +0000
ROA not before: Tue 30 Apr 2024 01:27:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197524
IP address blocks: 5.22.240.0/21 maxlen: 21
88.133.0.0/17 maxlen: 22
88.133.0.0/19 maxlen: 19
88.133.64.0/19 maxlen: 19
88.133.128.0/20 maxlen: 20
88.133.156.0/22 maxlen: 24
109.199.160.0/19 maxlen: 19
185.9.64.0/22 maxlen: 22
2a01:a980::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 13 May 2024 16:36:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:2c:9d:12:9f:d2:b9:16:7b:f0:a4:fe:eb:d9:c4:6e:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bea3a3a4a3606c7396f15f501ac5c641785750c
Validity
Not Before: Apr 30 01:27:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ff4ddea6554d798d5e2617e589af2c542670eb09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:65:14:ff:d1:68:c4:1f:87:b9:ee:b6:3a:0f:
76:4e:e8:08:b4:df:67:97:c1:c0:b5:f5:aa:95:34:
03:6e:af:b0:fb:2d:a9:07:11:6b:ba:88:d0:58:d7:
0c:8e:c8:28:2c:4f:c5:ee:e6:bb:21:a8:fa:64:f0:
a3:3d:02:e5:1a:8f:91:29:7e:8d:a0:3f:2c:ac:c2:
2a:b2:6a:6d:13:5b:69:14:d5:2a:1a:8d:14:7c:97:
e4:d4:dd:31:db:c6:2b:68:ef:8b:7b:95:90:81:12:
cd:ad:77:df:f7:28:65:24:da:15:42:44:f3:d7:34:
37:96:d3:be:9c:34:9a:ed:28:b9:0f:cc:5d:69:61:
43:26:49:bd:25:de:bd:cc:31:0d:04:27:d5:70:69:
71:b2:9f:cf:08:b5:3d:77:0d:cb:2c:9e:b2:90:f4:
e8:af:0c:6b:5e:fd:a7:db:43:0b:04:1f:4e:e3:44:
38:d0:4f:72:06:b8:7c:d1:d9:3e:47:c0:b0:39:c0:
d5:b9:a9:9a:79:01:b5:b2:d8:a2:3e:e6:78:96:6d:
c8:09:9f:8a:ff:94:c1:8b:77:ca:be:9c:52:5e:d6:
59:0e:65:ef:ac:05:49:5f:e5:b1:cd:65:ca:74:46:
bc:1f:3d:70:a8:65:4e:e8:e6:79:74:00:d7:a7:e1:
9e:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:4D:DE:A6:55:4D:79:8D:5E:26:17:E5:89:AF:2C:54:26:70:EB:09
X509v3 Authority Key Identifier:
keyid:9B:EA:3A:3A:4A:36:06:C7:39:6F:15:F5:01:AC:5C:64:17:85:75:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m-o6Oko2Bsc5bxX1AaxcZBeFdQw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/89abb8-636d-4084-81a0-c63adb6ee5d9/1/_03eplVNeY1eJhflia8sVCZw6wk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/89abb8-636d-4084-81a0-c63adb6ee5d9/1/m-o6Oko2Bsc5bxX1AaxcZBeFdQw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.22.240.0/21
88.133.0.0-88.133.143.255
88.133.156.0/22
109.199.160.0/19
185.9.64.0/22
IPv6:
2a01:a980::/29
Signature Algorithm: sha256WithRSAEncryption
14:a0:4e:1c:b3:69:45:f8:e1:4f:99:2d:da:8a:80:16:1a:9a:
dc:0c:91:ad:09:11:c4:75:74:ab:7d:25:b5:ca:de:61:24:08:
40:82:96:e7:ab:2b:99:54:03:cf:cd:38:e4:21:68:be:63:c7:
d3:83:d5:09:19:b2:38:83:29:ea:c4:c5:13:85:5e:f6:e4:86:
24:eb:a9:ff:95:6e:16:11:cf:55:3a:05:e4:b8:a2:32:d2:e7:
61:05:c3:a0:ea:8b:c4:ea:93:c8:36:75:70:69:fc:55:93:57:
5e:7d:0e:e3:ac:f9:87:fe:4e:c3:0f:94:73:5f:cc:61:a7:04:
d6:f3:29:8f:47:b5:1e:3b:5f:bc:77:f3:7a:5e:38:bb:78:60:
bc:40:b6:32:92:25:83:a2:3f:e5:fb:35:6a:a7:08:f3:89:76:
66:2e:6f:d1:c9:03:26:9f:09:4a:e2:a6:79:a3:5e:3b:23:a8:
9f:5d:c6:89:77:b1:d3:25:95:06:52:c9:06:fa:29:50:53:ab:
da:86:dd:95:b7:5e:83:ef:d1:cd:0c:47:1f:c5:88:27:f3:2d:
b5:11:6a:80:6a:56:bd:31:f0:bf:08:82:01:fc:00:bb:5f:41:
ac:a6:63:34:f9:ab:56:94:02:9b:4a:b7:68:16:42:04:9c:c8:
54:af:56:4f
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAY8snRKf0rkWe/Ck/uvZxG5KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliZWEzYTNhNGEzNjA2YzczOTZmMTVmNTAxYWM1YzY0MTc4
NTc1MGMwHhcNMjQwNDMwMDEyNzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjRkZGVhNjU1NGQ3OThkNWUyNjE3ZTU4OWFmMmM1NDI2NzBlYjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw2UU/9FoxB+Hue62Og92TugItN9n
l8HAtfWqlTQDbq+w+y2pBxFruojQWNcMjsgoLE/F7ua7Iaj6ZPCjPQLlGo+RKX6N
oD8srMIqsmptE1tpFNUqGo0UfJfk1N0x28YraO+Le5WQgRLNrXff9yhlJNoVQkTz
1zQ3ltO+nDSa7Si5D8xdaWFDJkm9Jd69zDENBCfVcGlxsp/PCLU9dw3LLJ6ykPTo
rwxrXv2n20MLBB9O40Q40E9yBrh80dk+R8CwOcDVuamaeQG1stiiPuZ4lm3ICZ+K
/5TBi3fKvpxSXtZZDmXvrAVJX+WxzWXKdEa8Hz1wqGVO6OZ5dADXp+Ge4QIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFP9N3qZVTXmNXiYX5YmvLFQmcOsJMB8GA1UdIwQY
MBaAFJvqOjpKNgbHOW8V9QGsXGQXhXUMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbS1vNk9rbzJCc2M1YnhYMUFheGNaQmVGZFF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC84OWFiYjgtNjM2ZC00MDg0LTgxYTAt
YzYzYWRiNmVlNWQ5LzEvXzAzZXBsVk5lWTFlSmhmbGlhOHNWQ1p3NndrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC84OWFiYjgtNjM2ZC00MDg0LTgxYTAtYzYzYWRiNmVlNWQ5
LzEvbS1vNk9rbzJCc2M1YnhYMUFheGNaQmVGZFF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDArBAIAATAlAwQDBRbwMAsD
AwBYhQMEBFiFgAMEAliFnAMEBW3HoAMEArkJQDANBAIAAjAHAwUDKgGpgDANBgkq
hkiG9w0BAQsFAAOCAQEAFKBOHLNpRfjhT5kt2oqAFhqa3AyRrQkRxHV0q30ltcre
YSQIQIKW56srmVQDz8045CFovmPH04PVCRmyOIMp6sTFE4Ve9uSGJOup/5VuFhHP
VToF5LiiMtLnYQXDoOqLxOqTyDZ1cGn8VZNXXn0O46z5h/5Oww+Uc1/MYacE1vMp
j0e1HjtfvHfzel44u3hgvEC2MpIlg6I/5fs1aqcI84l2Zi5v0ckDJp8JSuKmeaNe
OyOon13GiXex0yWVBlLJBvopUFOr2obdlbdeg+/RzQxHH8WIJ/MttRFqgGpWvTHw
vwiCAfwAu19BrKZjNPmrVpQCm0q3aBZCBJzIVK9WTw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:50:16 2024 by rpki-client on console-ams.rpki-client.org